Need to add a success message after sending a recover password mail in the NG2 login #9828

Closed
bryanboza opened this issue Sep 23, 2016 · 5 comments

Comments

@bryanboza
Member

As in the old UI, after sending the recover password mail we return to the login window and show a success message; we need to do that in the new UI.

Expected Behavior

We need to add a new success message

Current Behavior

Right now the system is sending the mail, but is not showing anything

Steps to Reproduce (for bugs)

  • Click the forgot password link
  • Type a valid email address
  • Validate the system is showing a success message

Your Environment

Master-3.7
Postgres
FireFox

@bryanboza bryanboza added this to the 3.7.0 milestone Sep 23, 2016
@oswaldogallango oswaldogallango self-assigned this Sep 26, 2016
oswaldogallango pushed a commit to dotCMS/core-web that referenced this issue Sep 27, 2016
@oswaldogallango
Contributor

PR dotCMS/core-web#198

oswaldogallango pushed a commit to dotCMS/core-web that referenced this issue Sep 27, 2016
jgambarios added a commit to dotCMS/core-web that referenced this issue Sep 27, 2016
@bryanboza
Member Author

We need this message: http://screencast.com/t/FmqLvDTSjUq

oswaldogallango pushed a commit to dotCMS/core-web that referenced this issue Sep 27, 2016
@oswaldogallango
Contributor

P.R dotCMS/core-web#199

jgambarios added a commit to dotCMS/core-web that referenced this issue Sep 27, 2016
@bryanboza
Member Author

Fixed, tested on master-3.7 // postgres // FF

@jgambarios jgambarios modified the milestones: Cody Current, 3.7.0 Sep 28, 2016
@chrismccracken
Contributor

Adding this notification is actually a bit of a security vulnerability and should be avoided as a best practice. This notification allows an attacker performing reconnaissance to determine which emails are valid dotCMS accounts and can be targeted for an exploit (typically via spear-phishing). The message displayed here should be only:

If you have provided the email or username of a valid dotCMS user, an email with instructions has been sent to that user's email address

This should be displayed regardless of if the user/email exists or not.
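
The uniform response described in the comment above, as an added example that is not part of the thread or of dotCMS's code: a reset handler whose reply depends on account existence, next to one that always returns the same message, plus a regression check that compares the two replies. The handler names, the in-memory account list and the addresses are hypothetical.

```typescript
// Added example: handler names and sample accounts are hypothetical, not dotCMS code.
type ResetResponse = { status: number; message: string };
type ResetHandler = (identifier: string, outbox: string[]) => ResetResponse;

// Constructed sample accounts.
const USERS: string[] = ["admin@example.com", "editor@example.com"];

// The wording proposed in the comment above.
const GENERIC_MESSAGE =
  "If you have provided the email or username of a valid dotCMS user, " +
  "an email with instructions has been sent to that user's email address";

function accountExists(identifier: string): boolean {
  return USERS.indexOf(identifier.trim().toLowerCase()) !== -1;
}

// Enumerable variant: status and message differ when the account is unknown.
const enumerableReset: ResetHandler = (identifier, outbox) => {
  if (!accountExists(identifier)) {
    return { status: 404, message: "Unknown email address" };
  }
  outbox.push(identifier.trim().toLowerCase());
  return { status: 200, message: "A recovery email has been sent" };
};

// Uniform variant: mail is sent only for real accounts, but the caller
// sees the same status and message either way.
const uniformReset: ResetHandler = (identifier, outbox) => {
  if (accountExists(identifier)) {
    // In production, enqueue the mail asynchronously so that response
    // time does not reveal which branch was taken.
    outbox.push(identifier.trim().toLowerCase());
  }
  return { status: 200, message: GENERIC_MESSAGE };
};

// Regression check: true when the visible response distinguishes
// a known account from an unknown one.
function leaksAccountExistence(
  handler: ResetHandler,
  known: string,
  unknown: string
): boolean {
  const a = handler(known, []);
  const b = handler(unknown, []);
  return a.status !== b.status || a.message !== b.message;
}
```

Running `leaksAccountExistence` against the real endpoint's status code and body in a test suite catches a later UI or API change that reintroduces a distinguishable reply.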
